Protecting Your Data On The Network, Cloud And Virtual Servers



Similar documents
Managing BitLocker With SafeGuard Enterprise

Encryption Buyers Guide

Sample Mobile Device Security Policy

Your Company Data, Their Personal Device What Could Go Wrong?

Protecting Your Roaming Workforce With Cloud-Based Security

Simplifying Branch Office Security

Deciphering the Code: A Simple Guide to Encryption

Strengthen Microsoft Office 365 with Sophos Cloud and Reflexion

IT Resource Management & Mobile Data Protection vs. User Empowerment

Sample Data Security Policies

IT Resource Management vs. User Empowerment

Seven Keys to Securing Your Growing Business

Simple Security Is Better Security

How To Manage A Mobile Device Management (Mdm) Solution

Healthcare Buyers Guide: Mobile Device Management

Protecting personally identifiable information: What data is at risk and what you can do about it

Building a Next-Gen Managed Security Practice

Five Tips to Reduce Risk From Modern Web Threats

Botnets: The dark side of cloud computing

Next Gen Firewall and UTM Buyers Guide

A Manager s Guide to Unified Threat Management and Next-Gen Firewalls

Sophos XG Firewall Licensing

Keeping Data Safe When Using Mobile Devices

Secure Cross Border File Protection & Sharing for Enterprise Product Brief CRYPTOMILL INC

Sales Consultant I Engineer I Architect I Support Engineer I MSP. A Simple Overview to Training and Certification

Proactive controls to mitigate IT security risk

WhitePaper. Private Cloud Computing Essentials

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

Mobile Madness or BYOD Security?

Mobile Device Security: What s Coming Next?

Wireless network security: A how-to guide for SMBs

Making the leap to the cloud: IS my data private and secure?

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

Sizing Guideline. Sophos UTM SG Series Appliances. Sophos UTM 9.2 Sizing Guide for SG Series appliances

Simplifying branch office security

An introduction to Hosted SQL database applications

Solve the Dropbox Problem with Enterprise Content Connectors. Whitepaper Solve the Dropbox Problem with Enterprise Content Connectors

Comparative Performance and Resilience Test Results - UTM Appliances. Miercom tests comparing Sophos SG Series appliances against the competition

Securing Corporate Data and Making Life Easier for the IT Admin Benefits of Pre Boot Network Authentication Technology

ESS, LLC Cloud Sync White Paper: 8 Ways to Boost Employee Productivity and Morale with Business-Grade File Sync

Sophos SG Series Appliances

The Sophos Security Heartbeat:

Top Four Considerations for Securing Microsoft SharePoint

BEST PRACTICES IN BYOD

Simple security is better security Or: How complexity became the biggest security threat

Whitepaper. How MSPs are Increasing Revenues by Solving BYOD Issues. nfrascaletm. Infrascale Phone: Web:

The Maximum Security Marriage:

Comparing Alternatives for Business-Grade File Sharing. intermedia.net CALL US US ON THE WEB

Research Information Security Guideline

What are Hosted Desktops?

Compliance in 5 Steps

DISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention. symantec.com

Choosing an MDM Platform

Security Architecture Whitepaper

Enterprise Data Protection

THREE KEYS TO COST-EFFECTIVE SECURITY FOR YOUR SMALL BUSINESS

Why Encryption is Essential to the Safety of Your Business

EasiShare Whitepaper - Empowering Your Mobile Workforce

White Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0

THE BYOD SURVIVAL GUIDE 5TIPS FOR PRACTICING SAFE MOBILE FILE ACCESS AND COLLABORATION

Securing Office 365 with MobileIron

A Websense Research Brief Prevent Data Loss and Comply with Payment Card Industry Data Security Standards

WHITE PAPER. Mobile Security. Top Five Security Threats for the Mobile Enterprise and How to Address Them

Mobilize SharePoint Securely: Top 5 Enterprise Requirements

Hosted SharePoint. OneDrive for Business. OneDrive for Business with Hosted SharePoint. Secure UK Cloud Document Management from Your Office Anywhere

Everything You Need to Know About Effective Mobile Device Management. mastering the mobile workplace

Preemptive security solutions for healthcare

ShareFile Enterprise for healthcare

RSA Solution Brief. RSA SecurID Authentication in Action: Securing Privileged User Access. RSA Solution Brief

EXECUTIVE SUMMARY Cloud Backup for Endpoint Devices

What is MyUTM? 2. How do I log in to MyUTM? 2. I m logged in, what can I do? 2. What s the Overview section? 2

Six Steps Healthcare Organizations Can Take to Secure PHI on Mobile Devices

Two Great Ways to Protect Your Virtual Machines From Malware

IRONKEY CASE STUDIES. Healthcare Solutions

What Dropbox Can t Do For Your Business

Data Security in a Mobile, Cloud-Based World

SECURE AND MANAGE YOUR MOBILE FLEET Freedome for Business

S E A h a w k C r y p t o M i l l CryptoMill Technologies Ltd.

Session 11 : (additional) Cloud Computing Advantages and Disadvantages

CHOOSING AN MDM PLATFORM

Cloud Backup and Recovery for Endpoint Devices

Best Practices for Protecting Laptop Data

Astaro Security Gateway V8. Remote Access via L2TP over IPSec Configuring ASG and Client

Cirius Whitepaper for Medical Practices

1. Introduction Activation of Mobile Device Management How Endpoint Protector MDM Works... 5

ProtectV. Securing Sensitive Data in Virtual and Cloud Environments. Executive Summary

An Enterprise Approach to Mobile File Access and Sharing

Saf April Saf Helping your business reach further with hosted at UK based, ISO 27001, Tier 4 data centres.

Security Solutions

Computer Security at Columbia College. Barak Zahavy April 2010

The fastest Cloud upgrade for Windows desktops

10 Hidden IT Risks That Threaten Your Practice

Cloud storage buyer s guide

Websense Data Security Suite and Cyber-Ark Inter-Business Vault. The Power of Integration

The 2014 Bitglass Healthcare Breach Report

owncloud by Broadband Solutions Secure high-speed file sharing and sync cloud storage platform hosted in Australia

Secure Data Sharing in the Enterprise

Internet threats: steps to security for your small business

SureDrop Secure collaboration. Without compromise.

Transcription:

Protecting Your Data On The Network, Cloud And Virtual Servers How SafeGuard Encryption can secure your files everywhere The workplace is never static. Developments include the widespread use of public cloud storage services like Dropbox and the growing use of virtual servers. Cloud-based storage is vital to businesses so data protection must continue to evolve to meet these changing realities. Organizations need to extend their data protection policies to focus on securing the data wherever it s stored and not just securing particular devices. This paper explores developments in data protection and how our SafeGuard Enterprise solution can help you protect data everywhere.

Data protection everywhere We live in a world where data can be stored and accessed anywhere. This requires an evolution in the way we view data protection. Ultimately, the where doesn t matter. What s important is that your data is securely encrypted, independent of its location. Your data protection strategy can't focus solely on encrypting laptops, desktop computers and USB devices. Instead you need to enable encrypted data to move seamlessly between storage locations, secure from prying eyes but immediately accessible to those who need it. At Sophos we see three main developments in the data protection environment: Securing data in cloud storage services Securing central file shares Securing virtual servers This paper explores each of these and looks at how SafeGuard Enterprise can help you protect data everywhere. Securing data in cloud storage services Cloud storage services like Dropbox, Google Drive, Egnyte or Microsoft s OneDrive are useful tools that let people access their files from anywhere, on any device. They re great for collaboration and productivity. But if the data s not encrypted before being uploaded to the cloud, these services have the potential to undo all your on-premise data protection efforts. Here are four main risks posed by cloud storage services: 1. Accidental data loss: Users can share sensitive information stored in the cloud with anyone, opening the door to common errors such as sending the link to a document to the wrong person. 2. Data theft: Hackers know that cloud storage services are modern day pots of gold, making them a common target for attack. Of course, all reputable cloud storage services take security very seriously. However, users themselves create easy theft opportunities, such as by using simple passwords for their cloud storage accounts rather than the complex hard-to-crack ones that are enforced within your organization. 3. Storage provider vulnerabilities: Cloud storage providers have full access to your data and control where it is stored, making your data subject to security and technical issues with the providers themselves. 4. Poor user practices: Your users are mobile, and the use of cloud storage services is increasing rapidly. Users often find it quicker and easier to access files from the cloud rather than using a VPN to connect to the corporate network. If they aren t given a safe, approved way to use such services they invariably search for work-arounds, without consideration for the security of your corporate data. A Sophos Whitepaper March 2014 2

The solution: SafeGuard Encryption for Cloud Storage The simple way to secure data is to encrypt files before they're uploaded to the cloud from any managed endpoint. But it s important to do so in a way that's seamless to your users, doesn t slow them down, and allows them to access the encrypted data from anywhere, including their Android and ios devices. SafeGuard Encryption for Cloud Storage does just that. It automatically and invisibly encrypts data as it s uploaded to the cloud storage service. And you can manage it through your current SafeGuard Management Center minimizing the administrative overhead. It s straightforward for your users too. If they access files from their local computer holding the encryption key, the files are decrypted automatically. And if they access a file from another computer or device they simply need to enter the password they set at the start to be able to read it. Without the proper encryption key or password, SafeGuard-protected files can't be accessed by unauthorized users or hackers. SafeGuard Encryption for Cloud Storage in action Bob creates document on his laptop in the office. Bob uploads encrypted file to the cloud, creating a password to access the file. Bob tells Paul the password. Bob accesses the file on his work laptop from home (no password needed his PC already has the keys). Paul edits the document and then uploads the encrypted file back to the cloud storage service. Paul accesses the file from his hotel room (using the password). Bob makes final edits to the document. Paul reviews the final edits on his ipad in the taxi (using the password). Paul and Bob present the final document to their senior management team. Result: They ve been able to collaborate effectively from any location, while ensuring their sensitive data was secure at all times: no unauthorized third party, including the storage provider, ever had access to the document s content. A Sophos Whitepaper March 2014 3

Securing network file shares Consider the following scenarios: Scenario 1: Your R&D manager is working on a new concept document. He works on his SafeGuard-encrypted laptop, so the file is secure. But then he uploads it to a network file share for colleagues to review and in doing so he inadvertently decrypts the file. A colleague then sends the document as an email attachment to a third party, killing your competitive advantage. Scenario 2: Your company s being acquired and the HR team is working on a confidential new resourcing plan. The files are stored on the HR team s area of the file share, which only they and the system administrator have access to. The system administrator opens the file and learns that major cuts to the IT team are planned. This leads to widespread concern in the department, impacting output and productivity. Of course, systems administrators need access to your file shares to keep your business running. But they don t need access to the content of the files and folders. Today s technologies exacerbate the challenge. It s no longer just a case of who can see the content of your files, but also where they can send it. Developments such as 4G and the widespread availability of high-speed Internet connections make it possible for individual users to upload huge datasets and share them across the globe in an instant. The solution: SafeGuard Encryption for File Shares SafeGuard Encryption for File Shares solves both these issues, delivering seamless, invisible file and folder encryption. It keeps your data safe, even if your users move or copy files to other locations or devices, preventing unwanted decryption. And it makes sure only the right people within your organization can access the right data. Privileged users like IT administrators can still manage files on servers but can t read their content. This protects the sensitive business information, and it protects IT administrators from issues with auditors. So your organization can keep working and being productive, while plugging vital holes in your data security. And, like SafeGuard Encryption for Cloud Storage, it s managed through your current SafeGuard Management Center, minimizing the impact on IT teams. A Sophos Whitepaper March 2014 4

Securing virtual servers Public cloud providers, such as Amazon EC2, are a cost-effective way to host virtual servers. They eliminate the management overhead of traditional IT hardware options. And it s a good bet that they provide a better level of backup and disaster recovery than many organizations could manage internally. The downside is security. First you need to consider how secure your data is in the cloud. If your provider is compromised or has rogue employees, data can get into the wrong hands. And if you want to switch virtual providers, can you be sure that your data is no longer stored with the former provider? The solution is to encrypt the data. So it doesn t matter if the data gets into the wrong hands because it can t be accessed. But that leads to the second challenge, which is how to do it. If you have a third party managing your encryption keys this is a clear vulnerability in your data protection strategy. And if they only encrypt the data after transmission to the virtual server, it s open to being sniffed in transit. The solution: SafeGuard Encryption for File Shares With SafeGuard Encryption for File Shares your virtual server becomes simply an extension of your network file share. It automatically, invisibly encrypts data before it s transferred to the cloud. And it s all managed through your SafeGuard Management Center. SafeGuard Encryption for File Shares use the same key management as other SafeGuard Enterprise modules you manage and control everything. No need for middle men or involvement from the virtual server provider. You ll keep your data safe and have the flexibility to switch providers without worrying about potential breaches. The regulatory implications of data protection everywhere Some data protection requirements have global reach such as PCI compliance. Other legislation affects you depending on your geography or industry (e.g., EU legislation, Australian Privacy Act, HIPAA for U.S. healthcare organizations). Cloud storage adds to the complexity. For example, the data might not even be stored in your home country. Whichever regulations you need to comply with, you have to include data in the cloud and on file shares in your data protection strategy. Regulators don t care where the data s stored. What they want to know and what you need to demonstrate is that it s secure at all times independent of its location. For you, the implications of a data breach are the same whether the data was on an unsecured laptop, cloud storage service, USB device or in an email attachment. A Sophos Whitepaper March 2014 5

By securing data in the cloud and on file shares with SafeGuard Enterprise you are able to demonstrate easily that your data is protected and prove your compliance at all times. Even if the files fall into the wrong hands they are always encrypted so they can t be read, which delivers seamless and transparent data protection that is independent of storage location. Additional data security controls Encryption may be the core element of your data protection strategy, but there are other steps you can take to enhance your data security. 1. Apply URL filtering to control access to unauthorized cloud storage websites. You can also decide to permit access on a case-by-case basis with multiple profile settings, so that selected users retain access and others are denied it. 2. Use application controls to set policies for the entire company or specific groups to block or allow particular applications. In the case of most commercial cloud storage vendors, application controls can prevent people from installing and running the vendor's application. 3. Enable easy email encryption with encrypt email as an option in users Outlook toolbars, so they can quickly encrypt sensitive emails and attachments with just a click. 4. Enforce data loss prevention (DLP) controls for email. Automatically scan the content and attachments of emails for sensitive data such as credit card numbers or personally identifiable information. Then automatically alert the sender that the message has sensitive information. Based on rules you create, you can block or quarantine the message for approval or encrypt the message before it leaves your network and control. 5. Implement mobile device management to ensure that all company or BYOD devices meet your security requirements before they're allowed to access corporate data or email. Enable remote lock and wipe in case of loss or theft plus enforce built-in security features such as passcodes and device encryption. To see how Sophos makes it easy for you to implement these controls through our endpoint, mobile and email solutions, please visit sophos.com. A Sophos Whitepaper March 2014 6

Sophos SafeGuard Enterprise All SafeGuard Enterprise modules - such as SafeGuard Encryption for Cloud Storage and SafeGuard Encryption for File Shares - are available as perpetual licenses or as part of the convenient all-in-one subscription license SafeGuard Enterprise Encryption, giving you data protection truly everywhere. See how it works Learn how SafeGuard Enterprise can meet your evolving data protection requirements. Get a free trial at sophos.com/free-trials United Kingdom and Worldwide Sales Tel: +44 (0)8447 671131 Email: sales@sophos.com North American Sales Toll Free: 1-866-866-2802 Email: nasales@sophos.com Australia and New Zealand Sales Tel: +61 2 9409 9100 Email: sales@sophos.com.au Asia Sales Tel: +65 62244168 Email: salesasia@sophos.com Oxford, UK Boston, USA Copyright 2013. Sophos Ltd. All rights reserved. Registered in England and Wales No. 2096520, The Pentagon, Abingdon Science Park, Abingdon, OX14 3YP, UK Sophos is the registered trademark of Sophos Ltd. All other product and company names mentioned are trademarks or registered trademarks of their respective owners. 3.14.GH.wpna.simple

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information